Load denied by X-Frame-Options

(Keyur Patel) #1


I am using Dwolla Oath to connect account to our app. I am using an iframe (popup) to do that. but the page does not appear and I got “Load denied by X-Frame-Options: https://uat.dwolla.com/sandbox/register/oauth/835457cc-73db-4d34-9ae3-6eafcc31cf94 does not permit framing.” error in console. What could be the issue ?

(Spencer Hunter) #2

Hi @Keyur_Patel, We released a change about a week ago which prevents the OAuth flow from being i-framed. This was a security issue and goes against the OAuth2 spec. More information can be found in the thread below…

Let us know if you have any questions on alternative solutions to iframing the OAuth flow.